unix: Limit named pipe permissions to the current user

Named pipes created using the "pipe://" file access scheme should not be
world-writable or readable. Limit their access to the current user by
creating them with 0600 permissions instead of 0666.
Andrew Price 2024-09-06 19:32:35 +01:00
parent f49c9d7cd1
commit 64077ff3de


@ -65,7 +65,7 @@ Error FileAccessUnixPipe::open_internal(const String &p_path, int p_mode_flags)
struct stat st = {};
int err = stat(path.utf8().get_data(), &st);
if (err) {
if (mkfifo(path.utf8().get_data(), 0666) != 0) {
if (mkfifo(path.utf8().get_data(), 0600) != 0) {
last_error = ERR_FILE_CANT_OPEN;
return last_error;
}
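Review bot: The 0600 mode only takes effect on the `mkfifo()` branch; when `stat()` succeeds, the entry already at that path is reused, and nothing visible in this hunk checks its owner or mode. A FIFO left over from a build that still used 0666, or one created beforehand by another local user, would therefore keep its wider access despite this change. Since `st` is already filled in, the existing-path branch could refuse (or at least warn about) such an entry, for example `if (st.st_uid != geteuid() || (st.st_mode & (S_IRWXG | S_IRWXO))) { last_error = ERR_FILE_CANT_OPEN; return last_error; }`. The rest of `open_internal` lies outside the hunk, so an equivalent check may already exist there; if it does, a short comment next to the `mkfifo()` call saying so would help.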